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CLAIMS 

What is claimed is: 

1 . A method comprising a policy administrator: 

establishing a network monitoring digital contract with a network monitoring 
element; 

establishing a network use digital contract with a first and a second network 
element; and 

transmitting decrypting information to the network monitoring element for 
decrypting encrypted communications between the first network element and the 
second network element per terms in the network monitoring digital contract and 
the network use digital contract. 

2. The method of claim 1, wherein transmitting decrypting information to the 
network monitoring element for decrypting encrypted communications between 
the first network element and the second network element per terms in the 
network monitoring digital contract and the network use digital contract 
comprises the policy administrator: 

receiving a request from the network monitoring element for the decrypting 
information; 

transmitting a request to the network monitoring element for the network 
monitoring digital contract; 
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receiving the network monitoring digital contract from the network monitoring 
element; 

authenticating the received network monitoring digital contract; and 
transmitting decrypting keys to decrypt the encrypted communications between 
the first network element and the second network element to the network 
monitoring element. 



3. The method of claim 1, wherein transmitting decrypting information to the 
network monitoring element for decrypting encrypted communications between 
the first network element and the second network element per terms in the 
network monitoring digital contract and the network use digital contract 
comprises the policy administrator decrypting the encrypted communications 
between the network elements and transmitting the decrypted communications to 
the network monitoring element. 



4. The method of claim 1, wherein establishing a network monitoring digital 
contract with a network monitoring element comprises: 
receiving a network monitoring element's digital certificate; 
authenticating the network monitoring element's digital certificate; 
receiving a network monitoring element's digital signature; 
authenticating the network monitoring element's digital signature; 
writing contract terms in an electronic document; 
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writing the network monitoring element's digital certificate and the network 

monitoring element's digital signature in the electronic document; 

writing a digital certificate of the policy administrator and a digital signature of 

the policy administrator in the electronic document; and 

transmitting a copy of the electronic document to the network monitoring 

element. 

5. The method of claim 4, wherein writing contract terms in an electronic document 
comprises: 

writing an effective date and time of the network monitoring digital contract; 
writing a time period during which the network monitoring digital contract is 
valid; and 

specifying the decrypting information, including decrypting keys the network 
monitoring element is to receive. 

6. The method of claim 1, wherein establishing a network use digital contract with 
each network element comprises: 

receiving a network element's digital certificate; 
authenticating the network element's digital certificate; 
receiving a network element's digital signature; 
authenticating the network element's digital signature; 
writing contract terms in an electronic document; 
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writing the network element's digital certificate and the network element's digital 
signature in the electronic document; 

writing a digital certificate of the policy administrator and a digital signature of 

the policy administrator in the electronic document; and 

transmitting a copy of the electronic document to the network element. 

7. The method of claim 6, wherein writing contract terms in an electronic document 
comprises: 

writing an effective date and time of the network use digital contract; and 
specifying the decrypting information, including decrypting keys the policy 
administrator obtains from the network element. 

8. The method of claim 1 further comprising: 
establishing a network policy; and 

transmitting the network policy to network elements. 

9. A method, comprising a network monitoring element: 

establishing a network monitoring digital contract with a policy administrator; 
transmitting a request to monitor encrypted communications between network 
elements; 

transmitting the network monitoring digital contract; and 

receiving decrypting information, including decrypting keys from the policy 

administrator for decrypting encrypted communications between a first network 
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element and a second network element per the terms in the network monitoring 
digital contract. 



10. The method of claim 9, wherein receiving decrypting information from the policy 
administrator for decrypting encrypted communications between a first network 
element and a second network element per the terms in the network monitoring 
digital contract comprises receiving from the policy administrator decrypted 
communications after the policy administrator decrypts the encrypted 
communications between the network elements. 



1 1. The method of claim 9, wherein establishing a network monitoring digital 
contract with a policy administrator comprises a network monitoring element: 
transmitting its digital certificate to the policy administrator; 
transmitting its digital signature to the policy administrator; and 
receiving a copy of the network monitoring digital contract from the policy 
administrator. 



12. A method, comprising: 

establishing by a first network element, a network use digital contract with a 
policy administrator; 

communicating with a second network element per the terms of the network use 
digital contract; 
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logging in a secure manner, encryption and authenticating algorithms, and 
decryption keys used in the communication; and 

permitting the policy administrator access to the log to obtain the decrypting keys. 

13. The method of claim 12, wherein establishing by a first network element, a 
network use digital contract with a policy administrator comprises a network 
element: 

transmitting its digital certificate; 
transmitting its digital signature; and 

receiving a copy of the network use digital contract from the policy administrator. 




14. An article of manufacture comprising: 

a machine-readable medium that provides instructions, that when executed by a 
machine, cause said machine to perform operations comprising: 
establishing a network monitoring digital contract with a network monitoring 
element; 

establishing a network use digital contract with a first and a second network 
element; and 

transmitting decrypting information to the network monitoring element for 
decrypting encrypted communications between the first network element and the 
second network element per terms in the network monitoring digital contract and 
the network use digital contract. 
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15. The machine-readable medium of claim 14, wherein said instructions for 
transmitting decrypting information to the network monitoring element for 
decrypting encrypted communications between the first network element and the 
second network element per terms in the network monitoring digital contract and 
the network use digital contract, include further instructions to direct the policy 
administrator to receive a request from the network monitoring element for the 
decrypting information; to receive the network monitoring digital contract from 
the network monitoring element; to authenticate the network monitoring digital 
contract; and to transmit decrypting information, including decrypting keys 
needed to decrypt the encrypted communications between the network elements. 

16. The machine-readable medium of claim 14, wherein said instructions for 
transmitting decrypting information to the network monitoring element for 
decrypting encrypted communications between the first network element and the 
second network element per terms in the network monitoring digital contract and 
the network use digital contract include further instructions to decrypt the 
encrypted communications between the network elements; and to transmit the 
decrypted communications to the network monitoring element. 

17. The machine-readable medium of claim 14, wherein said instructions establishing 
a network monitoring digital contract between a policy administrator and a 
network monitoring element include further instructions to receive a network 
monitoring element's digital certificate and digital signature; to authenticate the 
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network monitoring element's digital certificate and digital signature; to write the 
contract terms, including an effective date and time of the network monitoring 
digital contract; to specify a time period during which the network monitoring 
digital contract is valid; to specify the decrypting information, including 
decrypting keys the network monitoring element is to obtain in an electronic 
document; to write the network monitoring element's digital certificate and digital 
signature in the electronic document; to write a digital certificate and a digital 
signature of the policy administrator in the electronic document; and to transmit a 
copy of the electronic document to the network monitoring element. 




18. The machine-readable medium of claim 14, wherein said instructions establishing 
a network use digital contract between the policy administrator and network 
elements include further instructions to receive a network element's digital 
certificate and digital signature; to authenticate the network elements digital 
certificate and digital signature; to write contract terms, including an effective 
date and time of the network use digital contract; to specify the decrypting 
information, including decrypting keys the policy administrator is to obtain in an 
electronic document; to write the network element's digital certificate and digital 
signature in the electronic document; to write a digital certificate and a digital 
signature of the policy administrator in the electronic document; and to transmit a 
copy of the electronic document to the network element. 
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19. The machine-readable medium of claim 14, wherein said instructions include 
further instructions to establish a network policy; and to transmit the network 
policy to network elements. 

20. An article of manufacture comprising: 

a machine-readable medium that provides instructions, that when executed by a 
machine, cause said machine to perform operations comprising: 
establishing a network monitoring digital contract with a policy administrator; 
transmitting a request to monitor encrypted communications between network 
elements; 

transmitting the network monitoring digital contract; and 
receiving decrypting information, including decrypting keys from the policy 
administrator for decrypting encrypted communications between a first network 
element and a second network element per the terms in the network monitoring 
digital contract. 

21. The machine-readable medium of claim 20, wherein said instructions for 
receiving decrypting information from the policy administrator for decrypting 
encrypted communications between a first network element and a second network 
element per the terms in the network monitoring digital contract include further 
instructions to receive from the policy administrator decrypted communications 
after the policy administrator decrypts the encrypted communications between the 
network elements. 
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22. The machine-readable medium of claim 20, wherein said instructions for 
establishing a network monitoring digital contract with a policy administrator 
include further instructions for a network monitoring element to transmit its 
digital certificate to the policy administrator; to transmit its digital signature to the 
policy administrator; and to receive a copy of the network monitoring digital 
contract from the policy administrator. 

23. An article of manufacture comprising: 

a machine-readable medium that provides instructions, that when executed by a 
machine, cause said machine to perform operations comprising: 
establishing by a first network element, a network use digital contract with a 
policy administrator; 

communicating with a second network element per the terms of the network use 
digital contract; 

logging in a secure manner, encryption and authenticating algorithms, and 
decryption keys used in the communication; and 

permitting the policy administrator access to the log to obtain the decrypting keys. 

24. The machine-readable medium of claim 23, wherein said instructions for 
establishing by a first network element, a network use digital contract with a 
policy administrator include further instructions for a network element to transmit 
its digital certificate; to transmit its digital signature; and to receive a copy of the 
network use digital contract from the policy administrator. 
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25. An apparatus comprising: 

a receiver to receive a request for decrypting information, and to receive a 

network monitoring digital contract from a network monitoring element; 

a microprocessor communicatively coupled to said receiver and a memory, to 

authenticate the network monitoring digital contract; and 

a transmitter communicatively coupled to said microprocessor and memory to 

transmit a network policy and decrypting information, including decrypting keys 

to decrypt encrypted communications between network elements. 

26. The apparatus of claim 25, wherein the microprocessor retrieves from the memory 
decrypting information including decrypting keys, to decrypt the encrypted 
communications between the network elements and to transmit the decrypted 
communications to the network monitoring element. 

27. The apparatus of claim 25, wherein the microprocessor retrieves from a network 
element decrypting information including decrypting keys and the transmitter 
transmits the decrypting information to the network monitoring element. 

28. An apparatus comprising: 

a receiver to receive a network monitoring digital contract, and decrypting 
information, including decrypting keys from a policy administrator; 
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said receiver to receive encrypted communications between a first network 
element and a second network element; 

a microprocessor communicatively coupled to the receiver and a memory, said 
memory to store the network monitoring digital contract, and to use the 
decrypting information, including the decrypting keys to decrypt the encrypted 
communications between the first and the second network element; 
a transmitter communicatively coupled to the microprocessor and the memory to 
transmit a request to the policy administrator for the decrypting information, 
including the decrypting keys to decrypt the encrypted communications between 
the first and the second network element, and to transmit the network monitoring 
digital contract to the policy administrator. 

29. The apparatus of claim 28, wherein the receiver receives decrypted 
communications from the policy administrator. 
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